Vulnerabilities > Debian
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2023-23454 | Type Confusion vulnerability in multiple products cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | 5.5 |
| 2023-01-12 | CVE-2023-23455 | Type Confusion vulnerability in multiple products atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). | 5.5 |
| 2023-01-10 | CVE-2022-4337 | An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2023-01-10 | CVE-2022-4338 | An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2023-01-09 | CVE-2022-2196 | Insecure Default Initialization of Resource vulnerability in multiple products A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. | 8.8 |
| 2023-01-05 | CVE-2022-47655 | Out-of-bounds Write vulnerability in multiple products Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> | 7.8 |
| 2022-12-30 | CVE-2022-34670 | Incorrect Conversion between Numeric Types vulnerability in multiple products NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure. | 7.8 |
| 2022-12-30 | CVE-2022-34674 | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak. | 6.1 |
| 2022-12-30 | CVE-2022-34677 | Incorrect Conversion between Numeric Types vulnerability in multiple products NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering. | 7.1 |
| 2022-12-30 | CVE-2022-34680 | Incorrect Conversion between Numeric Types vulnerability in multiple products NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service. | 5.5 |